Ethical Hacking and Penetration Testing Guide
Knock.py
Knock.py is a subdomain enumeration tool with capabilities similar to fierce. It ships with a
built-in wordlist and can also scan using your own custom wordlist. It can also
perform zone transfers; for that purpose, you just need to pass an additional parameter (-zt).
Examples
Scanning with internal lists:
python knock.py
Scanning with custom wordlist:
python knock.py
Zone transfer file discovery:
python knock.py -zt
Knock.py has various options, which I will leave for you to explore. You can access its documentation at
https://code.google.com/p/knock/wiki/documentation
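Both behaviours described above, a wordlist sweep and a zone transfer request, leave a recognizable trace in the query log of the authoritative name server. The following is an added example, not code from the book or from Knock.py: it flags clients that request AXFR or that query many distinct names under one zone. The log lines are constructed in a simplified BIND-style format, and the function name, zone and threshold are assumptions chosen for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in a simplified BIND-style query-log format.
SAMPLE_LOG = """\
client 198.51.100.7#40112 (www.example.com): query: www.example.com IN A +
client 198.51.100.7#40113 (mail.example.com): query: mail.example.com IN A +
client 203.0.113.9#51000 (admin.example.com): query: admin.example.com IN A +
client 203.0.113.9#51001 (dev.example.com): query: dev.example.com IN A +
client 203.0.113.9#51002 (ftp.example.com): query: ftp.example.com IN A +
client 203.0.113.9#51003 (vpn.example.com): query: vpn.example.com IN A +
client 203.0.113.9#51004 (test.example.com): query: test.example.com IN A +
client 203.0.113.9#51005 (example.com): query: example.com IN AXFR -
"""

LINE_RE = re.compile(
    r"client (?P<ip>[0-9a-fA-F.:]+)#\d+ \(\S+\): query: (?P<name>\S+) IN (?P<qtype>\S+)"
)

def analyze(log_text, zone, distinct_threshold=5):
    """Return {client_ip: [findings]} for AXFR requests and wordlist-style sweeps."""
    names = defaultdict(set)   # client -> distinct subdomains queried under the zone
    axfr = defaultdict(int)    # client -> number of AXFR requests for the zone
    apex = zone.lower().rstrip(".")
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not a query record
        name = m["name"].lower().rstrip(".")
        if name != apex and not name.endswith("." + apex):
            continue  # query for a different zone
        if m["qtype"].upper() == "AXFR":
            axfr[m["ip"]] += 1
        elif name != apex:
            names[m["ip"]].add(name)
    findings = defaultdict(list)
    for ip, count in axfr.items():
        findings[ip].append(f"zone transfer requested ({count}x)")
    for ip, seen in names.items():
        if len(seen) >= distinct_threshold:
            findings[ip].append(f"{len(seen)} distinct subdomains queried")
    return dict(findings)

if __name__ == "__main__":
    for ip, notes in analyze(SAMPLE_LOG, "example.com").items():
        print(ip, "->", "; ".join(notes))
```

On a real server the threshold would be tuned per time window, since resolvers serving many users also query many names.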
WolframAlpha
The following website also returns a decent number of subdomains. It lists the most important
subdomains, those that get the most traffic. If you want to save time, you can try WolframAlpha.